<?php
	header("Content-Type: text/html;charset=utf-8");
	include("function/_nosql.php"); //
	include("function/function.php");
	include("_include.user.judge.php");
	
	$kboy_userid = $_SESSION['kboy_userid'];
	$kboy_user = $_SESSION['kboy_user'];
	
	$action = chkstr(trim($_REQUEST['action']));
	$user_ypassword = chkstr(trim($_REQUEST['user_ypassword']));
	$user_password = chkstr(trim($_REQUEST['user_password']));
	$user_repassword = chkstr(trim($_REQUEST['user_repassword']));

	if($action == "edit"){
		// 密码验证
		if(strlen($user_ypassword)<1){
			echo erro("原密码不能为空！");
		}
		if(strlen($user_password)<5){
			echo erro("密码不能少于5位字符！");
		}
		if(strlen($user_repassword)<5){
			echo erro("两次密码输入不一致！");
		}
		if($user_password != $user_repassword){
			echo erro("两次密码输入不一致！");
		}
		
		$user_ypassword = md5(md5($user_ypassword));
		$user_password = md5(md5($user_password));
		$is_reguser = getNewsNums("kboy_user","uid='$kboy_userid' and user_password='$user_ypassword'");
		if($is_reguser<1){
			echo erro("原密码错误！");
		}
		// 修改数据
		$mysql = new sqlstr("kboy_user"); 
		$mysql -> set("user_password",$user_password);
		$news_sql = $mysql -> updateSql("uid=$kboy_userid");
		$news_res = mysql_query($news_sql);
		if($news_res){
			$_SESSION['kboy_user'] = "";
			$_SESSION['kboy_userid'] = "";
			echo ok("操作成功","user_editpwd.php");
		}else{
			echo erro("服务器内部错误");
		}
	}else{
		echo erro("参数错误");
	}
?>